Candidate: CVE-2010-3171 PublicDate: 2010-09-15 20:00:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3171 Description: The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, 3.6.4 through 3.6.8, and 4.0 Beta1 uses a random number generator that is seeded only once per document object, which makes it easier for remote attackers to track a user, or trick a user into acting upon a spoofed pop-up message, by calculating the seed value, related to a "temporary footprint" and an "in-session phishing attack." NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-5913. Ubuntu-Description: Notes: jdstrand> CVEs in Firefox are tracked in the xulrunner source packages for builds that use the system xulrunner, and firefox source packages for those that use a static build xulrunner (1.8.0): firefox (1.5) - Ubuntu 6.06 LTS (system xul) xulrunner (1.8.1): firefox (2.0) - Ubuntu 6.10 - 8.04 LTS (system xul) xulrunner-1.9: (ignored) reverse dependencies no longer process web content xulrunner-1.9.1: (ignored) reverese dependencies no longer process web content xulrunner-1.9.2: system xul for reverese dependencies that process web content firefox: Ubuntu 6.06 LTS (static build) firefox: Ubuntu 10.04 LTS and higher (static build of 3.6.x or higher) firefox-3.0: Ubuntu 8.04 LTS, 9.04 (static build of 3.6.x) firefox-3.5: Ubuntu 9.04 (ignored, uses system xul 1.9.1. Use 3.0 instead) firefox-3.5: Ubuntu 9.10 (static build of 3.6.x) Bugs: https://bugzilla.mozilla.org/show_bug.cgi?id=577512 Priority: medium Discovered-by: Assigned-to: CVSS: Patches_firefox: upstream_firefox: needs-triage dapper_firefox: ignored (reached end-of-life) hardy_firefox: ignored (uses system xulrunner) jaunty_firefox: DNE karmic_firefox: DNE lucid_firefox: not-affected (3.6.16+build1+nobinonly-0ubuntu0.10.04.1) maverick_firefox: not-affected (3.6.16+build1+nobinonly-0ubuntu0.10.10.1) natty_firefox: not-affected (4.0+nobinonly-0ubuntu1) devel_firefox: not-affected (4.0+nobinonly-0ubuntu1) Patches_firefox-3.0: upstream_firefox-3.0: needs-triage (Ubuntu source uses 3.6.x) dapper_firefox-3.0: DNE hardy_firefox-3.0: not-affected (3.6.16+build1+nobinonly-0ubuntu0.8.04.1) jaunty_firefox-3.0: ignored (reached end-of-life) karmic_firefox-3.0: DNE lucid_firefox-3.0: DNE maverick_firefox-3.0: DNE natty_firefox-3.0: DNE devel_firefox-3.0: DNE Patches_firefox-3.5: upstream_firefox-3.5: needs-triage (Ubuntu source uses 3.6.x) dapper_firefox-3.5: DNE hardy_firefox-3.5: DNE jaunty_firefox-3.5: ignored karmic_firefox-3.5: not-affected (3.6.16+build1+nobinonly-0ubuntu0.9.10.1) lucid_firefox-3.5: DNE maverick_firefox-3.5: DNE natty_firefox-3.5: DNE devel_firefox-3.5: DNE Patches_xulrunner-1.9.2: upstream_xulrunner-1.9.2: needs-triage dapper_xulrunner-1.9.2: DNE hardy_xulrunner-1.9.2: not-affected (1.9.2.16+build1+nobinonly-0ubuntu0.8.04.1) jaunty_xulrunner-1.9.2: ignored (reached end-of-life) karmic_xulrunner-1.9.2: not-affected lucid_xulrunner-1.9.2: not-affected maverick_xulrunner-1.9.2: not-affected natty_xulrunner-1.9.2: not-affected (1.9.2.15+build1+nobinonly-0ubuntu1) devel_xulrunner-1.9.2: not-affected (1.9.2.15+build1+nobinonly-0ubuntu1) Patches_seamonkey: upstream_seamonkey: needs-triage dapper_seamonkey: DNE hardy_seamonkey: not-affected (2.0.11+build1+nobinonly-0ubuntu0.8.04.1) jaunty_seamonkey: ignored (reached end-of-life) karmic_seamonkey: not-affected lucid_seamonkey: not-affected maverick_seamonkey: not-affected natty_seamonkey: not-affected devel_seamonkey: not-affected Patches_thunderbird: upstream_thunderbird: needs-triage dapper_thunderbird: DNE hardy_thunderbird: ignored (reached end-of-life) jaunty_thunderbird: ignored (reached end-of-life) karmic_thunderbird: ignored (reached end-of-life) lucid_thunderbird: not-affected (3.1.8+build3+nobinonly-0ubuntu0.10.04.1) maverick_thunderbird: not-affected natty_thunderbird: not-affected devel_thunderbird: not-affected